<?php
$access_level = 0;
$page_title = 'eTAT: Administrator Console';
require_once 'controller.php';

if(isset($_POST['admin_create_submit'])) {
	$password = makePassword($_POST['admin_password']);
	$query = mysql_query("INSERT INTO `instructor` VALUES (NULL,'{$_POST['admin_full_name']}','{$_POST['admin_email']}','$password','3')") or die(mysql_error());
	redirect('admin.php');
}

if(isset($_POST['admin_login_submit'])) {
	$password = makePassword($_POST['admin_password']);
	$query = mysql_query("SELECT * FROM `instructor` WHERE `email` = '{$_POST['admin_email']}' AND `password` = '$password' AND `permission` = '3'");
	$result = mysql_fetch_object($query);
	if($result) {
		$_SESSION['admin'] = $result;
		redirect('admin.php');
	} else {
		redirect('admin.php?m=2');
	}
}

if(isset($_POST['admin_logout_submit'])) {
	$_SESSION['admin'] = false;
	redirect('admin.php');
}

if(isset($_POST['new_user_submit'])) {
	$sql = mysql_query("INSERT INTO `instructor` VALUES
		(NULL, NULL,'{$_POST['new_email']}',NULL,'1');") or die(mysql_error());
	//@TODO: send email to user
	redirect('admin.php');
}
require_once 'header.php';

$check = mysql_query("SELECT * FROM `instructor` WHERE `permission` = '3'");
if(!mysql_fetch_row($check)) { ?>
	<h1>Administrator Console</h1>
		<p>Looks like this is your first time at using eTAT.</p>
		<p>Start by creating an Administrator Account that can manage the rest of the user accounts:</p><br>
		<?php
		$form = new Form('new_admin_form','post');
		$form->textInput('admin_full_name','Admin Full Name');
		$form->textInput('admin_email','Admin Email Address');
		$form->textInput('admin_password','Admin Password',array('type'=>'password'));
		$form->button('admin_create_submit','Create',array('type'=>'submit'));
		print $form->build();
		?>
<?php
} else {
?>
<?php if($_SESSION['admin'] == false) {?>
<h1>Administrator Console</h1>
<form name='admin-login' method='post'>
	<?php
		$form = new Form('admin_login_form','post');
		$form->textInput('admin_email','Email Address');
		$form->textInput('admin_password','Password',array('type'=>'password'));
		$form->button('admin_login_submit','Login',array('type'=>'submit'));
		print $form->build();
	?>
</form>
<?php
} else {
	$query = mysql_query("SELECT * FROM `instructor`");
	while($r = mysql_fetch_object($query))
		$users[] = $r;
?>
<h1>Administrator Console</h1>
	<?php
		$form = new Form('admin_logout_form','post');
		$form->text('Welcome, '.$_SESSION['admin']->full_name.' ');
		$form->button('admin_logout_submit','Logout',array('type'=>'submit'),false);
		print $form->build();
	?>
<br />

<p><b>User List:</b></p><br />
<ul>
	<?php
		$form = new Form('new_user','post',true,array('class'=>'invisible'));
		$form->textInput('new_email','Gmail Address');
		$form->button('new_user_submit','Submit',array('type'=>'submit'),false);
		if(count($users) > 1) {
			foreach($users as $u) {
				if($u->permission == '1' && $u->permission != '3') {
					$key = base64_encode($u->email);
					print "<li>$u->email (Invitation sent) <a href='register.php?k=$key'>[link]</a></li>";
				} else if($u->permission == '2' && $u->permission != '3')
					print "<li>$u->full_name ($u->email)</li>";
			}
			print '<br>';
			print button('add_new_user','Add a New User',array('type'=>'button','onclick'=>'javascript:$(this).toggleClass("invisible");$("#new-user").toggleClass("invisible");$("#new-email").focus();'),false);
			$form->button('new_user_cancel','Cancel',array('type'=>'button','onclick'=>'javascript:$("#add-new-user").toggleClass("invisible");$("#new-user").toggleClass("invisible")'),false);
			print $form->build();
		} else {
			print "<p>There are currently no users in the eTAT Application. Start by adding one below:<br><br>";
			$form->setClass('visible');
			print $form->build();

		}
	?>
</ul>

<?php } } ?>
<div class='clear'></div>
<?php require_once 'footer.php'; ?>